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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )03 Responsive to communication(s) filed on 22 July 2004 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-42 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) ^ Claim(s) 1-42 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) Q The drawing(s) filed on is/are: a)Q accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121 (d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-42 have been examined. Claims 1-37 remains rejected. 

2. Claims 1-42 have been rejected under 35 U.S. C. 102(e). 

3. This is a FINAL rejection. 



Claim Rejections - 35 USC §101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

4. Claims 17-23 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

Claim 17 claims an access control method comprising requesting access using 
a subject identifier which is software-based and fails to include any hardware- 
based limitations. 

Claim 22 states software-based limitations of a computer- readable medium 
having an executable code stored comprising computer instructions for 
requesting access wherein these limitations fails to claim any hardware-based 
entity. 

All other claims are also rejected due to their dependencies. 



Application/ Control Number: 09/465,514 
Art Unit: 2135 



Page 3 



Claim Rejections - 35 USC S 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), 
(2), and (4) of section 371(c) of this title before the invention thereof by the applicant for 
patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) 
prior to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

5. Claims 1-42 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Garg, EtAl. (US 6,625,603). 

As per claim 1: 

Garg discloses a storage system comprising: 

a first storage area having an object stored therein; and [see FIG. 3 A] 
a second storage area having stored therein an object identifier that 
identifies the object, wherein the object identifier is unique within and outside 
of the storage system, [sec L7, lin s 5-6 and c 1.8, lin s 10-15] 
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As per claim 2: 

Garg discloses the object identifier is a Universal Unique Identifier (UUID). 
[see col.8, lines 10-13] 

As per claim 3: 

Garg discloses the first and second storage areas are storage areas within a 
database, [see col.5, lines 20-34] 

As per claim 4: Garg discloses the object identifier is a Universal Unique 
Identifier (UUID). [see col.8, lines 10-13] 
As per claim 5: 

Garg discloses the storage system is part of an access control system, 
[see col. 6, line 60 - col. 7, line 46] 
As per claim 6: 

Garg discloses a memory comprising: 

a first storage area having an object stored therein; and [see FIG.3A] 
a second storage area having stored therein an object identifier that 
identifies the object, wherein the object identifier is unique within and outside 
of the storage system, [see col.7, lines 5-6 and col. 8, lines 10-15] 
As per claim 7: Garg discloses the object identifier is a Universal Unique 
Identifier (UUID). [see col.8, lines 1-13] 

As per claim 8: Garg discloses the first and second storage areas are storage 
areas within a database, [s FIG.3A and 1.5, lines 20-34] 
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As per claim 9: Garg discloses the object identifier is a Universal Unique 
Identifier (UUID). [see coL8, lines 1-13] 
As per claim 10: 

Garg discloses a method of storing information in a storage system, 
comprising: 

storing an object in the storage system; and [see FIG. 3 A] 

storing an object identifier in the storage system, wherein the object identifier 

identifies the object, and the object identifier is unique within and outside of 

the storage system, [see coL7, lines 5-6 and col. 8, lines 10-15] 

As per claim 11: as rejected on the same rationale as applied in claim 2. 

As per claim 12: 

Garg teaches the object identifier is stored in a database, [see FIG.2 and col.6, 
line 66 - col. 7, line 5] 

As per claim 13: as rejected on the same rationale as applied in claim 12. 

As per claim 14: Garg discloses the object identifier is a Universal Unique 

Identifier (UUID). [see col.8, lines 1-13] 

As per claim 15: Garg discloses the object identifier is a Universal Unique 
Identifier (UUID). [see col.8, lines 1-13] 

As per claim 16: Garg discloses the storage system is part of an access 
control system, [see col.6, line 60 - coL7, line 46] 
As p r claim 17: 

Garg discloses an access control method comprising: 
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requesting access for a user to a remote resource [s c 1.5 lines 48-50], 
wherein the request includes a subject identifier [see col.2, lines 19-49] for use 
in making an access control decision [see col.7, lines 26-39], and wherein the 
subject identifier [see col. 12, lines 61-67] is unique within and outside of the 
remote resource and identifies the user, [see col. 13, lines 3-19 and col. 14, 
lines 50-54] 
As per claim 18: 

Garg discloses the subject identifier is a Universal Unique Identifier (UUID). 
[see col.2, lines 19-49 and col. 12, lines 61-67] 

As per claim 19: 

Garg discusses the request further includes a subject descriptor for use in the 
access control decision, [see col. 8, lines 23-43] 
As per claim 20: 

Garg discusses the subject descriptor is a UUID for an organizational structure 
that includes the user. [col. 8, lines 23-47 and col. 9, lines 5-12] 

As per claim 21: 

Garg discusses the access control decision is made by a resource manager that 
protects the remote resource [see col.7, lines 7-20], and the request is sent over 
a communications path considered safe by the protecting resource manager 
and the user, [see col.7, lines 26-29 and col.8, lines 23-44] 
Asp r claim 22: 
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Garg discloses a computer-readable medium having computer-executable code 
stored thereon comprising: 

requesting access for a user to a remote resource [see col.5, lines 48-50], 
wherein the request includes a subject identifier for use in making an access 
control decision [see col.7, lines 26-39], and wherein the subject identifier [see 
col. 12, lines 61-67] is unique within and outside of the remote resource and 
identifies the user, [see col. 13, lines 3-19 and col.14, lines 50-54] 
As per claim 23: as rejected on the same rationale as applied in claim 18. 
As per claim 24: 

Garg discloses a method of identifying a user requesting access to an object, 
comprising: 

establishing a secure communication path between a reference monitor 
protecting the object and a resource manager [see col.7, lines 7-25] having 
information describing the user, in response to a request by the user to access 
the object; [see col.8, lines 1-43] 

sending a request for user information from the protecting reference 
monitor to the resource manager [see coL7, lines 26-39], the request including 
a subject descriptor for the user [see col.8, lines 23-43 and col. 13, line 42 - 
coL14, line 30], wherein the subject identifier is a Universal Unique Identifier 
(UUID). [see col. 13, lines 3-19 and col.14, lines 50-54] 
[s col.7 lin s 30-35] 
As per claim 25: 
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Garg discloses determining, based on the received user information, if the user 
has permission to access the request object, [see col.8 lines 45-53] 
As per claim 26: 

Garg discloses the user information includes information relating to an 
organization of which the user is member, [see coL14 lines 50-54] 
As per claim 27: 

Garg discloses an information storage management system, comprising: 
a collection of stored objects; [see col.8, lines 11-14] 

an access control unit for determining if a requestor is authorized to 
access a protected object stored in the collection; [see col.7 lines 26-39] 

a resource manager connected to the access control unit and to a 
communication channel; [see FIG.3A] 

wherein the resource manager receives a user's request for access to the 
protected object, the request including a globally unique identifier for the user 
requesting the access [see col.8, lines 44-50], and in response to the user's 
request the resource manager sends over the communications channel [see 
ol.4, lines 45 - col.6, line 25] to an external storage management system a 
request for information about the user [see coL7 lines 40-60], the request 
including the globally unique identifier; and [see col. 13, lines 3-19 and col.14, 
lines 50-54] 

wherein the resource manager upon receiving a response including user 
information about the user passes the user information [s col. 13, lin 42 - 
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c 1.14, lin 30]to the access control unit [s col.7 lines 6-60]; and based on the 
user information the access control unit determines whether to grant the 
subject access to the protected object, [see col. 14, lines 13-30] 

As per claim 28: 

Garg discloses the globally unique identifier is a Universal Unique Identifier 
(UUID). [see col.8, lines 1-13] 

As per claim 29: 

Garg discloses the user information is organization information indicating 
whether the user is a member of an organization, [see col. 14 lines 50-54] 
As per claim 30: 

Garg discloses an information storage management system, comprising: 
a collection of stored objects; [see col.8, lines 11-14] 

an access control unit for determining if a requestor is authorized to 
access a protected object stored in the collection; [see col. 7 lines 26-39] 

a resource manager connected to the access control unit and to a 
communication channel; [see col.7, lines 6-60 and FIG.3A] 

wherein the resource manager receives a user's request for access to the 
protected object, the request including a globally unique identifier for the user 
requesting the access [see col.8, lines 1-13], and in response to the user's 
request the resource manager resolves the globally unique identifier to a user 
identifier recognized by an external storage management system [see coL7 lines 
40-60]; the resource manager sending to the external storage management 
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system a request for information about the user, the request including the 
resolved user identifier; and [see col.9, lines 10 thru col. 11, line 66] 

wherein the resource manager upon receiving a response including user 
information about the user passes the user information [see col. 8, lines 23-43] 
to the access control unit [see coL7, lines 6-60]; and based on the user 
information the access control unit determines whether to grant the subject 
access to the protected object, [see col. 15, lines 39-54] 
As per claim 31: 

Garg discloses the globally unique identifier is a Universal Unique Identifier 
(UUID). [see col. 13, lines 3-19 and col.14, lines 50-54] 

As per claim 32: 

Garg discloses the user information is organization information indicating 
whether the user is a member of an organization, [see col.14 lines 50-54] 
As per claim 33: 

Garg discloses the resource manager resolves the globally unique identifier by 
using a name server, [see col. 6, lines 46-53] 
As per claim 34: 

Garg discloses a method of accessing a protected object, comprising: 

sending a globally unique identifier for a user to a name resolving device, 

and receiving therefrom information about the user; and [see col. 13, lines 3-67] 
sending to a storage management system containing an object a request 

for access to the object, the request including the information about the user. 
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[s e col.7 lin s 26-39 and col. 14, lines 1-15] 

As per claim 35: as rejected on the same rationale as applied in claim 31. 
As per claim 36: 

Garg discloses a computer-readable medium of computer-executable code for 
accessing a protected object, comprising: 

a first set of computer instructions for sending a globally unique 
identifier for a user [see col. 13, lines 3-19 and col.14, lines 50-54] to a name 
resolving device, and receiving therefrom information about the user; and [see 
col.8, lines 23-43 and col. 15, lines 1-53] 

a second set of computer instructions for sending to a storage 
management system containing an object a request for access to the object [see 
col.7 lines 26-39], the request including the information about the user, [see 
col. 13, line 12 - col.14, line 30] 

As per claim 37: as rejected on the same rationale as applied in claim 31. 

As per claim 38: The storage system of claim 1, wherein the object is a 

database record describing a user, [see coL8 lines 5-36] 

As per claim 39: The memory of claim 6, wherein the object is a database 
record describing a user, [see col.8 lines 5-36] 

As per claim 40: The method of claim 10, wherein the object is a database 
record describing a user, [see col.8 lines 5-36] 
As per claim 4 1 : 

The access control method of claim 17, wherein the subject identifier identifies 
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a database record describing the user [s c 1.8 lin s 5-36], and the database 
record is stored on a local resource physically separate from the remote 
resource, [see col.7 lines 57-61] 
As per claim 42: 

The access control method of claim 22, wherein the subject identifier identifies 
a database record describing the user [see coL8 lines 5-36], and the database 
record is stored on a local resource physically separate from the remote 
resource, [see col.7 lines 57-61] 

EXAMINER'S ARGUMENT 

6. Applicants arguments filed July 22, 2004 have been fully 
considered but they are not persuasive. 

Garg's system uses GUIDs for objects which are supported by the 
operating system and services running under the operating system (col. 8, lines 
5-13). Garg also discloses GroupID which is an user identifier indicating that 
the user is a member of along with other users that has the similar access 
rights to the system (col. 12, lines 61-67 and col. 14, lines 50-54. The GUIDs of 
Garg has met the claimed limitations of claims 1-16, wherein the claim 
language states solely the "object" identifier and not limited to a "user". 
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Further, the GroupID of Garg identifies the user which meets the claim 
language of claims 17-36, which states a subject identifier that identifies the 
"user". In addition, Garg discusses that the invention may be used in a 
distributed computing environment where tasks are performed remotely linked 
through a communications network (col. 4, lines 45-67 and col. 6, lines 14-24) 
and Garg also indicates that it is known in the prior art for multi-user 
computer systems and systems connected to a multi-user network of 
computers require the ability to control and restrict access (col.l, lines 31-33 
and col.2, lines 20-43). 



Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension 
of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply 
is filed within TWO MONTHS of the mailing date of this final action and the 
advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on 
the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In 
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no event, however, will the statutory period for reply expire later than SIX 
MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to LEYNNA T. HA whose telephone 
number is (571) 272-3851. The examiner can normally be reached on Monday 
- Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached on (571) 272-3859. The fax 
phone number for the organization where this application or proceeding is 
assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see 
http://pair-direct.uspto.gov. Should you have questions on access to the 
Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
9197 (toll-free). a 
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